As mobile devices become increasingly ubiquitous, users are beginning to store sensitive information, perform financial transactions, and take other actions that are normally done on non-mobile computing platforms. This type of activity makes mobile devices an attractive target to malicious parties who may wish to compromise the security of a user's mobile device to steal data, snoop on a user's communication, or perform some other type of fraudulent actions. Therefore, the security of the mobile device (including both its hardware and software platform) is becoming increasingly important. Traditional approaches to mobile device software security often involve adopting the antivirus from non-mobile computing platforms, where installed applications and files are scanned locally on the device using signatures and heuristics to determine whether malicious applications or files may be present. However, the environment of mobile devices is where devices are less powerful have limited battery lives. Additionally, user behavior on mobile devices is different where users frequently install new applications. The number of malicious apps is unlimited, and thus, attempting to detect and prevent malicious code is unreasonable for the mobile hardware/software environment. Thus, there is a need in the mobile security field to create a new and useful system and method for assessing vulnerability of a mobile device. This invention provides such a new and useful system and method.